<?php
session_start();
include("../include/config.inc.php");

$todo=$_REQUEST["todo"];
$back=$_GET["back"];

if(isset($todo) && $todo=="todo"){
	$username = $_POST['username'];
	$password = $_POST['password'];
	$code = $_POST['code'];
	$verify = $_SESSION['session_verify'];
	
	if($username==""){
		echo "<script>alert('请输入用户名！');location.href='login.php?back=".$back."';</script>";
		exit;
	}
	if($password==""){
		echo "<script>alert('请输入密码！');location.href='login.php?back=".$back."';</script>";
		exit;
	}
	if($code==""){
		echo "<script>alert('请输入验证码！');location.href='login.php?back=".$back."';</script>";
		exit;
	}
	if($code<>$verify){
		echo "<script>alert('请输入正确的验证码！');location.href='login.php?back=".$back."';</script>";
		exit;
	}
	
	if($username!="" and $password!="" and $code!=""){
	$password = md5($password);
	$re=check_email($username);
	if(preg_match("/^1[34578]{1}\d{9}$/",$username)){  
    	$sql="select member_id from ".tablepre."member where member_mobile='$username' and member_passwd='$password' and member_state='1'";
	}elseif($re){
		$sql="select member_id from ".tablepre."member where member_email='$username' and member_passwd='$password' and member_state='1'";
	}else{
		$sql="select member_id from ".tablepre."member where member_name='$username' and member_passwd='$password' and member_state='1'";
	}	
	$result=$db->query($sql);
	if($db->num_rows($result)==0){
		echo "<script>alert('对不起,输入的帐号或密码不正确！');location.href='login.php?back=".$back."';</script>";
		exit;
	}
	else{
	$row=$db->fetch_array($result);
	$member_id = $row["member_id"];
	$_SESSION[tablepre.'sys_member_id_2017'] = $member_id;
	$sql="update ".tablepre."member set member_login_num=member_login_num+1,member_login_ip='".GetIP()."',member_login_time='".time()."' where member_id='$member_id'";
	$db->query($sql);
	if(!$db->error()){
		if($back=='http://' && $back==''){
			GotoPage('index.php');
		}else{
			GotoPage($back);
		}
	}
	else{
	GotoPage('login.php');
	}		
	$db->free_result($result);
	$db->close();
	exit;	
	}
	}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1, maximum-scale=1, user-scalable=no" />
<meta name="format-detection" content="telephone=no" />
<title>用户登陆</title>
<link rel="stylesheet" type="text/css" href="../css/login.css">
<script type="text/javascript" src="../js/clientwidth.js"></script>
</head>

<body>
<header class="header" style="display:block;"><span class="goback"></span>用户登陆<span class="close"></span></header>
<form id="login-form" action="" method="post" onSubmit="return validate_form(this)">
<input name="todo" type="hidden" value="todo">
<section class="loginpage">
	<div class="loginlogo"><img src="../images/logo.png" /></div>
	<div class="loginform">
		<div class="input-container">
            <input id="username" name="username" type="text" placeholder="用户名/邮箱/已验证手机" style="border-radius:5px 5px 0px 0px;border-bottom:none;background-position:0px 3px;">
        </div>
		<div class="input-container">
            <input id="password" name="password" type="password" placeholder="请输入密码" style="border-radius:0px;">
        </div>
		<div class="input-container">
            <input id="code" name="code" type="text" placeholder="请输入验证码" size="11" maxlength="6" style="border-radius:0px 0px 5px 5px;border-top:none;">
            <span class="code-box"><img id="imgCode" src="../include/verify.php" alt="请输入验证码" style="border-radius:0px 0px 5px 0px;"></span>
        </div>
	</div>
	<div class="notice"></div>
	<div class="input-submit"><input name="s" type="submit" class="sub-input" value="登 录" /></div>
	<div class="checkbox-container"><input type="checkbox" class="remberme" checked>一个月内免登录</div>
	<div class="quick-nav">
    	<a href="findpassword.php" class="findpwd">找回密码</a>
        <a href="register.php" class="quickReg">快速注册</a>
    </div>
    <div class="quick-login">
        <h4>其他登录方式</h4>
        <a href="loginbysms.php"><i class="icon icon-mobile"></i><br>短信</a>
		<a href="javascript:;"><i class="icon icon-qq"></i><br>QQ</a>
        <a href="https://open.weixin.qq.com/connect/oauth2/authorize?appid=wxa4cf994a9d00afb8&redirect_uri=http%3A%2F%2Fwx.wycn.com%2Fzt%2Fcut%2FUserInfo.php&response_type=code&scope=snsapi_userinfo&state=1&connect_redirect=1#wechat_redirect"><i class="icon icon-wx"></i><br>微信</a>
    </div>
</section>
</form>
<script>
if (document.body.clientWidth > 500) {
	$('.loginpage').css({
		width: 500,
		margin: '0 auto',
	});
}
</script>
</body>
</html>